{"id":139597,"date":"2022-01-17T10:32:15","date_gmt":"2022-01-17T10:32:15","guid":{"rendered":"https:\/\/www.techweekmag.com\/?p=139597"},"modified":"2022-01-17T10:32:15","modified_gmt":"2022-01-17T10:32:15","slug":"new-vulnerability-in-safari-leaks-user-data","status":"publish","type":"post","link":"https:\/\/www.stereoindex.com\/tech\/technology\/new-vulnerability-in-safari-leaks-user-data\/","title":{"rendered":"New vulnerability in Safari leaks user data"},"content":{"rendered":"<p>Researchers have found a vulnerability in the Safari browser, which is popular on Mac computers and in the iOS mobile operating system.\u00a0This feature is said to allow browsing history as well as Google usernames,\u00a0FingerprintJS\u00a0<a href=\"https:\/\/fingerprintjs.com\/blog\/indexeddb-api-browser-vulnerability-safari-15\/\">reports .<\/a><\/p>\n<p>As the researchers found out, the vulnerability is observed in Safari 15 on all devices and even in third-party browsers that run on iOS 15 and iPadOS 15. The vulnerability manifests itself in third-party browsers, as Apple obliges their manufacturers to use the Safari engine on iOS and iPadOS.\u00a0FingerprintJS stated that they have already notified Apple about the problem, but the company has not yet fixed it.<\/p>\n<p>The vulnerability is based on the IndexedDB browser API, which allows websites to save databases on user devices.\u00a0According to the idea of \u200b\u200bthe mechanism, access to the database created by a particular site can only be obtained by the same site.\u00a0However, when a site accesses its database, Safari &#8220;creates a new (empty) database with the same name in all frames, tabs, and windows in the session,&#8221; says FingerprintJS.\u00a0This allows one site to know what other resources the user has visited, as well as to learn some data about him, such as a Google ID, which can allow you to identify the person.<\/p>\n<figure id=\"attachment_139599\" aria-describedby=\"caption-attachment-139599\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-139599\" src=\"https:\/\/www.stereoindex.com\/tech\/wp-content\/uploads\/2022\/01\/New-vulnerability-in-Safari-leaks-user-data-1.jpeg\" alt=\"New vulnerability in Safari leaks user data\" width=\"2428\" height=\"1422\" srcset=\"https:\/\/www.stereoindex.com\/tech\/wp-content\/uploads\/2022\/01\/New-vulnerability-in-Safari-leaks-user-data-1.jpeg 2428w, https:\/\/www.stereoindex.com\/tech\/wp-content\/uploads\/2022\/01\/New-vulnerability-in-Safari-leaks-user-data-1-800x469.jpeg 800w, https:\/\/www.stereoindex.com\/tech\/wp-content\/uploads\/2022\/01\/New-vulnerability-in-Safari-leaks-user-data-1-1080x633.jpeg 1080w, https:\/\/www.stereoindex.com\/tech\/wp-content\/uploads\/2022\/01\/New-vulnerability-in-Safari-leaks-user-data-1-909x532.jpeg 909w, https:\/\/www.stereoindex.com\/tech\/wp-content\/uploads\/2022\/01\/New-vulnerability-in-Safari-leaks-user-data-1-1536x900.jpeg 1536w, https:\/\/www.stereoindex.com\/tech\/wp-content\/uploads\/2022\/01\/New-vulnerability-in-Safari-leaks-user-data-1-2048x1199.jpeg 2048w, https:\/\/www.stereoindex.com\/tech\/wp-content\/uploads\/2022\/01\/New-vulnerability-in-Safari-leaks-user-data-1-432x253.jpeg 432w, https:\/\/www.stereoindex.com\/tech\/wp-content\/uploads\/2022\/01\/New-vulnerability-in-Safari-leaks-user-data-1-1539x901.jpeg 1539w\" sizes=\"auto, (max-width: 2428px) 100vw, 2428px\" \/><figcaption id=\"caption-attachment-139599\" class=\"wp-caption-text\">New vulnerability in Safari leaks user data<\/figcaption><\/figure>\n<p>Some sites, including YouTube and other Google services, put the username in the database name.\u00a0Having obtained a login, attackers can find out other personal information, such as the last name, first name, and account photo.<\/p>\n<p>The company that discovered the vulnerability has created\u00a0<a href=\"https:\/\/safarileaks.com\/\" rel=\"nofollow\">a website<\/a>\u00a0where you can test it in action.\u00a0When visited with Safari version 15, the visitor&#8217;s recent activity on a number of popular sites is displayed.\u00a0On the iPhone and iPad, the vulnerability affects all browsers, as they are based on the Safari engine.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Researchers have found a vulnerability in the Safari browser, which is popular on Mac computers and in the iOS mobile operating system.\u00a0This feature is said to allow browsing history as well as Google usernames,\u00a0FingerprintJS\u00a0reports . As the researchers found out, the vulnerability is observed in Safari 15 on all devices and even in third-party browsers [&hellip;] <a class=\"g1-link g1-link-more\" href=\"https:\/\/www.stereoindex.com\/tech\/technology\/new-vulnerability-in-safari-leaks-user-data\/\">More<\/a><\/p>\n","protected":false},"author":10404,"featured_media":139598,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[805],"tags":[779],"class_list":{"0":"post-139597","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-technology","8":"tag-news"},"acf":[],"aioseo_notices":[],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.stereoindex.com\/tech\/wp-json\/wp\/v2\/posts\/139597","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.stereoindex.com\/tech\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.stereoindex.com\/tech\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.stereoindex.com\/tech\/wp-json\/wp\/v2\/users\/10404"}],"replies":[{"embeddable":true,"href":"https:\/\/www.stereoindex.com\/tech\/wp-json\/wp\/v2\/comments?post=139597"}],"version-history":[{"count":0,"href":"https:\/\/www.stereoindex.com\/tech\/wp-json\/wp\/v2\/posts\/139597\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.stereoindex.com\/tech\/wp-json\/wp\/v2\/media\/139598"}],"wp:attachment":[{"href":"https:\/\/www.stereoindex.com\/tech\/wp-json\/wp\/v2\/media?parent=139597"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.stereoindex.com\/tech\/wp-json\/wp\/v2\/categories?post=139597"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.stereoindex.com\/tech\/wp-json\/wp\/v2\/tags?post=139597"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}